CVE-2007-4074

NONECVSS 0.0

0.0

The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. NOTE: this issue is local in some environments, but remote on others.

🔗 References (16)

cve@mitrehttp://bugs.gentoo.org/show_bug.cgi?id=170477
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
cve@mitrehttp://secunia.com/advisories/26229
cve@mitrehttp://secunia.com/advisories/27271
cve@mitrehttp://security.gentoo.org/glsa/glsa-200707-10.xml
cve@mitrehttp://www.securityfocus.com/archive/1/490465/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/25069
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/35606
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=170477
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26229
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27271
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200707-10.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/490465/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25069

Is Your Infrastructure Affected by CVE-2007-4074?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4074

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4074?